Avahi by Default on the Desktop

Note: this is not a place to gather opinions, but please do contribute with actual facts or research.

Use case

User is at home or in a print shop (like Kinkos) and wants to print to a printer for the first time.

Opens "Printers" in System Settings to add a new printer.

The printer is advertised using mDNS; the user sees it displayed and clicks on it to install it.

Currently this does not work in Fedora: Avahi is blocked by our firewall by default. Obviously many printers don't use mDNS. This page is about mDNS and our implementation of it, Avahi.

Note that a firewall is orthogonal to this use case, even if security "zones" were implemented. We want printers to be discoverable from the "Printers" control panel even on possibly "hostile" networks. The user should not have to type their root or login password at a PolicyKit prompt to see printers on the network. Neither should they have to disable their firewall or otherwise diddle with it.

Goal

If the current implementation of automatic printer discovery using mDNS is not secure, it should be possible to make it secure and make the above use case work. If it is absolutely impossible to make it secure, then we want to discover exactly why.

Privacy and Security Issues

Running Avahi by default, in its current state, causes security and privacy issues.

We would like to enumerate those issues here, so that we can neuter Avahi sufficiently for it to be run by default without a firewall and not pose any threat to the system. The end goal is to facilitate the above use case, and others like it.